1. Field of the Invention
This invention relates to a computer-readable recording medium storing a security management program for ensuring security during execution of jobs, a security management system, and a method of security management, and more particularly to a computer-readable recording medium storing a security management program for ensuring security during execution of a job input from another apparatus, a security management system, and a method of security management.
2. Description of the Related Art
A grid system is employed in a large number of companies so as to perform a large amount of calculation by parallel processing. The grid system is comprised of a plurality of nodes (computers for executing jobs) connected via a network, and divides and allocates processing to be executed to the nodes to cause them to perform parallel processing.
In the grid system, a number of computers are connected via a network for operation. Therefore, if one of the computers is infected with a virus, or illegally intruded from outside by attack on a security hole therein, the security of the whole network is jeopardized. To overcome this problem, a technique of ensuring the security of individual computers is necessitated.
As the technique of ensuring the security of a plurality of computers, there has been proposed a technique, for example, which causes a moving object to travel between the computers and inspect infection by a computer virus. In this technique, when infection by a computer virus is detected by the moving object, it is possible to stop communication between the infected computer and the other computers (see e.g. Japanese Unexamined Paten Publication No. 2003-208325).
By the way, in many cases, users of the conventional grid system are advanced researchers. Therefore, almost all part of a program submitted to the system is specially written in a manner adapted to a use of computation as a purpose peculiar to the program. On the other hand, due to the widespread use of the grid system, it is expected that processes of programs, which are commonly used by the programs for various purposes of computation, come to be provided as libraries. The library is a program which describes a process commonly performed between a plurality of programs describing operations of different tasks. For example, a process for covariance matrix computation, a process for communication between grid nodes, a process for database operations, and so forth are often commonly usable between the programs. In such cases, it is possible to provide these processes as libraries.
When libraries are used in a large number of programs, if a security hole is found in any of them, all the nodes in which the programs are operating are at risk. To cope with this inconvenience, it is necessary to quickly eliminate the security hole.
Libraries have been rarely used in the grid system, with no serious security holes having been found in the libraries hitherto, and hence this problem has not been obvious. When libraries come to be widely used in the future, there is a possibility that there may be unexpectedly found a security hole, and it becomes a target of attack. In such a case, all the grid nodes in which programs linked to the libraries are being executed can be at risk. Thus potential threats also come to increase.
In the current grid system, however, it is not considered to cope with the above threats quickly and exhaustively, so that potential threats remain to exist. It should be noted that in the technique disclosed in the aforementioned publication, when a computer is infected with a virus, the virus cannot be detected until the moving object patrols the computer, which is insufficient in respect of quickness in coping with the threat.